Commit 7a9ab23d authored by Mingyang Zhu's avatar Mingyang Zhu
Browse files

# Conflicts:

#	NOTICE
#	pom.xml
#	provider/partition-azure/pom.xml
parent 5753dcfe
Pipeline #40319 failed with stages
in 30 minutes and 32 seconds
This diff is collapsed.
......@@ -63,6 +63,8 @@ spec:
value: "80"
- name: ACCEPT_HTTP # TEMPORARY UNTIL HTTPS
value: "true"
- name: partition_spring_logging_level
value: INFO
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
......
......@@ -16,9 +16,7 @@
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.opengroup.osdu</groupId>
<artifactId>partition-core</artifactId>
<version>0.9.0-SNAPSHOT</version>
<description>Core project for the partition service</description>
<packaging>jar</packaging>
......@@ -42,9 +40,6 @@
<cobertura_maven_plugin_version>2.7</cobertura_maven_plugin_version>
<maven_surefire_plugin_version>3.0.0-M4</maven_surefire_plugin_version>
<maven_failsafe_plugin_version>3.0.0-M4</maven_failsafe_plugin_version>
<!--
<springfox-version>2.9.2</springfox-version>
-->
</properties>
<dependencies>
......@@ -56,27 +51,10 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>${os-core-common.version}</version>
<exclusions>
<exclusion>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-client</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
......@@ -93,12 +71,6 @@
</exclusions>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>jwks-rsa</artifactId>
<version>0.12.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
......@@ -158,6 +130,15 @@
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>${springfox-version}</version>
<exclusions>
<exclusion>
<!--
Excluding com.google.guava:guava:jar:18.0, because it has security vulnerability
-->
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
......
......@@ -26,8 +26,8 @@
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.source>1.8</maven.compiler.source>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<os-core-common.version>0.9.0-rc6</os-core-common.version>
<tomcat_embed_core_version>9.0.37</tomcat_embed_core_version>
<os-core-common.version>0.9.0-rc7</os-core-common.version>
<org.springframework.boot.version>2.4.5</org.springframework.boot.version>
</properties>
<packaging>pom</packaging>
......@@ -35,18 +35,13 @@
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>2.3.5.RELEASE</version>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>${os-core-common.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>${tomcat_embed_core_version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
......@@ -62,6 +57,14 @@
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-client</artifactId>
</exclusion>
<exclusion>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
</exclusion>
<exclusion>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-high-level-client</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
......@@ -82,7 +85,7 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>2.3.1.RELEASE</version>
<version>${org.springframework.boot.version}</version>
</plugin>
</plugins>
</pluginManagement>
......
......@@ -27,7 +27,6 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>partition-aws</artifactId>
<version>0.9.0-SNAPSHOT</version>
<description>Partition service on AWS</description>
<packaging>jar</packaging>
......@@ -63,7 +62,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>partition-core</artifactId>
<version>0.9.0-SNAPSHOT</version>
<version>${project.version}</version>
</dependency>
<!-- AWS managed packages -->
......
......@@ -10,20 +10,15 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>partition-azure</artifactId>
<version>0.9.0-SNAPSHOT</version>
<description>Partition service on Azure</description>
<packaging>jar</packaging>
<properties>
<osdu.partition-core.version>0.9.0-SNAPSHOT</osdu.partition-core.version>
<osdu.corelibazure.version>0.9.0-rc2</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.9.0-rc6</osdu.oscorecommon.version>
<azure.version>2.3.5</azure.version>
<osdu.corelibazure.version>0.9.0-rc3</osdu.corelibazure.version>
<junit.version>4.12</junit.version>
<mockito.version>2.25.0</mockito.version>
<powermock.version>2.0.2</powermock.version>
<nimbus-jose-jwt>7.9</nimbus-jose-jwt>
<jwks-rsa>0.12.0</jwks-rsa>
<json-smart.version>2.4.6</json-smart.version>
</properties>
<dependencyManagement>
......@@ -44,7 +39,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>partition-core</artifactId>
<version>${osdu.partition-core.version}</version>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
......@@ -54,12 +49,16 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<exclusions>
<exclusion>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-client</artifactId>
</exclusion>
</exclusions>
</dependency>
<!--
Many dependencies contain library with vulnerabilities: net.minidev:json-smart:jar:2.3
because of that we need to enforce the higher version
-->
<dependency>
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
<version>${json-smart.version}</version>
</dependency>
<dependency>
......@@ -86,38 +85,16 @@
</dependency>
<!-- Azure dependencies -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-spring-boot-metrics-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-log4j2</artifactId>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-storage</artifactId>
<version>8.6.5</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-active-directory-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>msal4j</artifactId>
<groupId>com.azure.spring</groupId>
<artifactId>azure-spring-boot-starter-active-directory</artifactId>
</dependency>
<!-- Other dependencies -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>jwks-rsa</artifactId>
<version>${jwks-rsa}</version>
</dependency>
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>${nimbus-jose-jwt}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
......
......@@ -14,7 +14,7 @@
package org.opengroup.osdu.partition.provider.azure.security;
import com.microsoft.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import com.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
......
......@@ -14,12 +14,14 @@
package org.opengroup.osdu.partition.provider.azure.utils;
import com.microsoft.azure.spring.autoconfigure.aad.UserPrincipal;
import com.azure.spring.autoconfigure.aad.UserPrincipal;
import org.opengroup.osdu.partition.provider.interfaces.IAuthorizationService;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import java.util.Map;
@Component
public class AuthorizationService implements IAuthorizationService {
......@@ -64,9 +66,10 @@ public class AuthorizationService implements IAuthorizationService {
*/
private UserType getType(UserPrincipal u) {
UserType type;
if (u.getUpn() != null) {
Map<String, Object> claims = u.getClaims();
if (claims != null && claims.get("upn") != null) {
type = UserType.REGULAR_USER;
} else if (u.getUniqueName() != null) {
} else if (claims != null && claims.get("unique_name") != null) {
type = UserType.GUEST_USER;
} else {
type = UserType.SERVICE_PRINCIPAL;
......
LOG_PREFIX=partition
server.servlet.contextPath=/api/partition/v1
logging.level.org.springframework.web=DEBUG
logging.level.org.springframework.web=${partition_spring_logging_level:INFO}
JAVA_OPTS=-Dserver.port=80
server.port=8080
springfox.documentation.swagger.v2.path=/api-docs
PARTITION_API=
#logging configuration
logging.transaction.enabled=true
......
......@@ -14,10 +14,9 @@
package org.opengroup.osdu.partition.provider.azure.security;
import com.microsoft.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import com.microsoft.azure.spring.autoconfigure.aad.UserPrincipalManager;
import com.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import com.azure.spring.autoconfigure.aad.UserPrincipalManager;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opengroup.osdu.partition.api.PartitionApi;
......
......@@ -14,12 +14,13 @@
package org.opengroup.osdu.partition.provider.azure.security;
import com.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import com.azure.spring.autoconfigure.aad.UserPrincipalManager;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
......@@ -36,9 +37,6 @@ import org.springframework.web.context.WebApplicationContext;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import com.microsoft.azure.spring.autoconfigure.aad.AADAppRoleStatelessAuthenticationFilter;
import com.microsoft.azure.spring.autoconfigure.aad.UserPrincipalManager;
@RunWith(SpringRunner.class)
@PrepareForTest(SecurityContextHolder.class)
@SpringBootTest(classes = {WhoamiController.class, AADSecurityConfig.class,
......
......@@ -14,7 +14,7 @@
package org.opengroup.osdu.partition.provider.azure.utils;
import com.microsoft.azure.spring.autoconfigure.aad.UserPrincipal;
import com.azure.spring.autoconfigure.aad.UserPrincipal;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
......@@ -69,7 +69,7 @@ public class AuthorizationServiceTest {
.build();
final JWSObject jwsObject = new JWSObject(new JWSHeader.Builder(JWSAlgorithm.RS256).build(),
new Payload(jwtClaimsSet.toString()));
return new UserPrincipal(jwsObject, jwtClaimsSet);
return new UserPrincipal("token", jwsObject, jwtClaimsSet);
}
private DummyAuthToken createSAuthToken(final String email, final String appcode) {
......
......@@ -10,7 +10,6 @@
</parent>
<artifactId>partition-gcp</artifactId>
<version>0.9.0-SNAPSHOT</version>
<description>Partition service on GCP</description>
<packaging>jar</packaging>
......@@ -19,12 +18,11 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>partition-core</artifactId>
<version>0.9.0-SNAPSHOT</version>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.3.28</version>
</dependency>
<dependency>
......
......@@ -15,7 +15,6 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>partition-ibm</artifactId>
<version>0.9.0-SNAPSHOT</version>
<description>Partition service on IBM</description>
<packaging>jar</packaging>
......@@ -33,7 +32,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>partition-core</artifactId>
<version>0.9.0-SNAPSHOT</version>
<version>${project.version}</version>
</dependency>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment